SecuriteInfo[.]com[.]W32[.]Dialer[.]TCS3_DET[.]Eldorado[.]21328[.]5330[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.W32.Dialer.TCS3_DET.Eldorado.21328.5330.exe
Size

528KB
MD5

604812a6dd5f06a0a27305a38728d134
SHA1

95d8816be8467b6df4a31028ee9e53eb45dac7af
SHA256

56c125d9102d0e07710627a84dd04847207284e100726f2a69aec806e56af1a9
SHA512

1fcbf04e5d8347ca1a263c1ac92342708a5659a98e85a57cd8189dcb3aef6350c91b09fd6d3ffa4c037f238ae0b30d0590bdb8b52cc0dc680afd242477b39b48
SSDEEP

12288:LriVqHvpEfkEPCEHOWvt09tTVsFtl/0DFdLMISwU0O/dXbKhgp7nZnCycDIDpAhM:LriVqHvGfkEaEibDA/d1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.W32.Dialer.TCS3_DET.Eldorado.21328.5330.exe

Files

SecuriteInfo.com.W32.Dialer.TCS3_DET.Eldorado.21328.5330.exe
.exe windows:4 windows x86 arch:x86

6538838cde90cc118257202808360151

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaR8FixI4
__vbaVarTstGt
__vbaVarSub
__vbaStrI2
_CIcos
_adj_fptan
__vbaStrI4
__vbaVarMove
ord693
__vbaVarVargNofree
__vbaFreeVar
__vbaAryMove
__vbaLineInputStr
__vbaLenBstr
__vbaLateIdCall
__vbaStrVarMove
ord696
__vbaVarIdiv
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
ord698
__vbaPut4
__vbaFreeObjList
__vbaR8Sgn
ord516
__vbaStrErrVarCopy
_adj_fprem1
ord518
__vbaRecAnsiToUni
ord519
ord629
__vbaStrCat
__vbaVarCmpNe
ord552
__vbaError
ord553
__vbaLsetFixstr
ord660
__vbaRecDestruct
__vbaSetSystemError
__vbaHresultCheckObj
ord556
__vbaLenVar
_adj_fdiv_m32
__vbaAryVar
__vbaVarTstLe
__vbaVarCmpGe
__vbaVarXor
__vbaAryDestruct
__vbaVarIndexLoadRefLock
__vbaLateMemSt
__vbaBoolStr
__vbaExitProc
__vbaForEachCollObj
ord593
__vbaVarForInit
ord594
__vbaOnError
__vbaObjSet
ord595
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaVarIndexLoad
ord598
__vbaBoolVar
__vbaForEachCollVar
ord520
__vbaRefVarAry
__vbaBoolVarNull
__vbaVarTstLt
_CIsin
ord631
__vbaErase
ord709
__vbaVargVarMove
ord632
__vbaVarCmpGt
__vbaNextEachCollObj
__vbaChkstk
__vbaGosubFree
ord526
__vbaFileClose
EVENT_SINK_AddRef
__vbaVarAbs
ord528
__vbaExitEachColl
__vbaStrCmp
__vbaGet3
__vbaAryConstruct2
__vbaVarTstEq
__vbaPutOwner4
__vbaObjVar
__vbaNextEachCollVar
DllFunctionCall
__vbaVarLateMemSt
__vbaVarOr
__vbaCastObjVar
__vbaStrR4
__vbaRedimPreserve
_adj_fpatan
__vbaFixstrConstruct
ord569
__vbaLateIdCallLd
__vbaRedim
__vbaStrR8
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaNew
ord600
ord601
_CIsqrt
__vbaVarAnd
EVENT_SINK_QueryInterface
__vbaStrUI1
ord710
__vbaVarMul
__vbaExceptHandler
ord711
ord712
__vbaStrToUnicode
__vbaPrintFile
ord314
__vbaDateStr
_adj_fprem
_adj_fdivr_m64
ord315
__vbaGosub
ord607
__vbaI2Str
__vbaVarDiv
ord316
ord608
__vbaVarCmpLe
__vbaFPException
ord717
__vbaInStrVar
__vbaStrVarVal
__vbaGetOwner3
__vbaUbound
__vbaVarCat
__vbaI2Var
ord537
ord645
_CIlog
__vbaFileOpen
__vbaVarLateMemCallLdRf
__vbaVar2Vec
__vbaNew2
__vbaInStr
__vbaR8Str
ord570
ord648
ord571
__vbaVarInt
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaVarSetObj
ord573
__vbaStrCopy
ord681
__vbaI4Str
__vbaVarCmpLt
__vbaVarNot
__vbaFreeStrList
_adj_fdivr_m32
__vbaPowerR8
__vbaR8Var
_adj_fdiv_r
ord578
ord685
ord100
__vbaVarTstNe
__vbaI4Var
__vbaVarCmpEq
__vbaAryLock
__vbaVarAdd
__vbaLateMemCall
__vbaStrToAnsi
ord612
__vbaVarDup
__vbaFpI2
__vbaVarMod
__vbaVarTstGe
ord616
__vbaFpI4
__vbaVarLateMemCallLd
__vbaVarCopy
__vbaVarSetObjAddref
__vbaRecDestructAnsi
ord617
__vbaLateMemCallLd
__vbaR8IntI2
_CIatan
ord618
__vbaAryCopy
__vbaI2ErrVar
__vbaStrMove
__vbaCastObj
__vbaStrVarCopy
ord619
__vbaR8IntI4
ord542
ord543
_allmul
ord544
__vbaLenVarB
__vbaLateIdSt
ord545
_CItan
ord546
ord547
__vbaAryUnlock
__vbaFPInt
__vbaVarForNext
_CIexp
__vbaRecAssign
ord580
__vbaFreeObj
__vbaFreeStr
__vbaI4ErrVar
ord581

Sections

.text
Size: 512KB - Virtual size: 508KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6538838cde90cc118257202808360151

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 512KB - Virtual size: 508KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 512KB - Virtual size: 508KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 8KB - Virtual size: 4KB